Expositor: Walter Lijo
Resumen: Con el gran crecimiento de APIs en la industria de software nos vemos obligados a realizar cada vez una mayor cantidad de tests en menos tiempo, y que los mismos sean simples de mantener. Ante esta premisa encontré Chakram que facilita el trabajo que necesitamos realizar.
Chakram nos da la posibilidad de testear de una manera simple y rápida APIs Rest. Este framework nos da como ventaja:
- Realizar HTTP Assertions basadas en Chai.js
- Aprovechar al máximo las promises de javascript
- Usar BDD + Hooks
- Extensible, permitiendo crear nuevas validaciones al framework
El workshop está enfocado a conocer el framework, dar las pautas principales de cómo funciona y crear test de forma simple.
An introduction to Meteor, the javascript framework for efficiently deploying your applications, as given at the Chattanooga Developer's Lunch on July 3rd, 2014. During the presentation, I try to put together a clone demo of GoogleDocs to exhibit the capabilities of Meteor!
Praktik Pengembangan Konten E-Learning HTML5 SederhanaMuhammad Yusuf
Praktik sederhana pengembangan konten E-Learning yang menggunakan HTML5 sebagai dasar pengembangannya. Pada akhir pengembangan dilakukan penyesuaian konten untuk memenuhi standar SCORM sehingga hasil akhir kontennya adalah sebuah konten yang mendukung standar SCORM dan siap dikonsumsi oleh LMS. Library yang digunakan adalah CreateJS.
The following illustrates some of the common security challanges Node.js developers are up against. The presentation covers various types of JavaScript-related hacks and NoSQL injection hacking via Express and MongoDB.
MongoDB is the trusted document store we turn to when we have tough data store problems to solve. For this talk we are going to go a little bit off the path and explore what other roles we can fit MongoDB into. Others have discussed how to turn MongoDB’s capped collections into a publish/subscribe server. We stretch that a little further and turn MongoDB into a full fledged broker with both publish/subscribe and queue semantics, and a the ability to mix them. We will provide code and a running demo of the queue producers and consumers. Next we will turn to coordination services: We will explore the fundamental features and show how to implement them using MongoDB as the storage engine. Again we will show the code and demo the coordination of multiple applications.
An introduction to Meteor, the javascript framework for efficiently deploying your applications, as given at the Chattanooga Developer's Lunch on July 3rd, 2014. During the presentation, I try to put together a clone demo of GoogleDocs to exhibit the capabilities of Meteor!
Praktik Pengembangan Konten E-Learning HTML5 SederhanaMuhammad Yusuf
Praktik sederhana pengembangan konten E-Learning yang menggunakan HTML5 sebagai dasar pengembangannya. Pada akhir pengembangan dilakukan penyesuaian konten untuk memenuhi standar SCORM sehingga hasil akhir kontennya adalah sebuah konten yang mendukung standar SCORM dan siap dikonsumsi oleh LMS. Library yang digunakan adalah CreateJS.
The following illustrates some of the common security challanges Node.js developers are up against. The presentation covers various types of JavaScript-related hacks and NoSQL injection hacking via Express and MongoDB.
MongoDB is the trusted document store we turn to when we have tough data store problems to solve. For this talk we are going to go a little bit off the path and explore what other roles we can fit MongoDB into. Others have discussed how to turn MongoDB’s capped collections into a publish/subscribe server. We stretch that a little further and turn MongoDB into a full fledged broker with both publish/subscribe and queue semantics, and a the ability to mix them. We will provide code and a running demo of the queue producers and consumers. Next we will turn to coordination services: We will explore the fundamental features and show how to implement them using MongoDB as the storage engine. Again we will show the code and demo the coordination of multiple applications.
Upgrading your grails app from a previous version to the new world of Grails 2.X
Tips on how to prepare, what to do, and gotchas that may pop up.
Presented on 7/22/13 at Gr8ConfUS in Minneapolis, MN
Creating Applications with WebGL and Three.jsFuture Insights
James Williams's talk from Future Insights Live 2014 in Las Vegas: "There was once a time where gaming in the browser meant Flash. That time is no more. In this session, you’ll learn the basics of game programming, WebGL, and how to use Three.js to create WebGL applications."
Miss his talk? Join us at a future show: www.futureofwebapps.com. Sign up for our newsletter at futureinsights.com and get 15% off your next conference.
Describes the overview process and technique of lazy loading javascript from external 3rd parties or your own in-house stuff and provides a simple example with the possible benefits for large javascript applications.
AWS Lambda@Edge 서비스를 이용하면, AWS의 콘텐트 배포 네트워크(CDN)의 엣지네트워크에서 별도의 자바스크립트 코드를 통해 원하는 애플리케이션 기능을 수행할 수 있습니다. 본 세션에서는 AWS의 콘텐츠 배포 네트워크 활용 방법과 아울러 활용 방법 및 간단한 데모를 통해 엣지 컴퓨팅 서비스를 만들 수 있는 방법을 소개합니다.
Rapid and Scalable Development with MongoDB, PyMongo, and MingRick Copeland
This talk, given at PyGotham 2011, will teach you techniques using the popular NoSQL database MongoDB and the Python library Ming to write maintainable, high-performance, and scalable applications. We will cover everything you need to become an effective Ming/MongoDB developer from basic PyMongo queries to high-level object-document mapping setups in Ming.
These are the slides for this presentation http://www.meetup.com/HardCoreJS/events/133346272/
The goal is to influence the thought process of developers and make them into rockstar engineers by showing how to form the habit of abstraction into one's coding.
Upgrading your grails app from a previous version to the new world of Grails 2.X
Tips on how to prepare, what to do, and gotchas that may pop up.
Presented on 7/22/13 at Gr8ConfUS in Minneapolis, MN
Creating Applications with WebGL and Three.jsFuture Insights
James Williams's talk from Future Insights Live 2014 in Las Vegas: "There was once a time where gaming in the browser meant Flash. That time is no more. In this session, you’ll learn the basics of game programming, WebGL, and how to use Three.js to create WebGL applications."
Miss his talk? Join us at a future show: www.futureofwebapps.com. Sign up for our newsletter at futureinsights.com and get 15% off your next conference.
Describes the overview process and technique of lazy loading javascript from external 3rd parties or your own in-house stuff and provides a simple example with the possible benefits for large javascript applications.
AWS Lambda@Edge 서비스를 이용하면, AWS의 콘텐트 배포 네트워크(CDN)의 엣지네트워크에서 별도의 자바스크립트 코드를 통해 원하는 애플리케이션 기능을 수행할 수 있습니다. 본 세션에서는 AWS의 콘텐츠 배포 네트워크 활용 방법과 아울러 활용 방법 및 간단한 데모를 통해 엣지 컴퓨팅 서비스를 만들 수 있는 방법을 소개합니다.
Rapid and Scalable Development with MongoDB, PyMongo, and MingRick Copeland
This talk, given at PyGotham 2011, will teach you techniques using the popular NoSQL database MongoDB and the Python library Ming to write maintainable, high-performance, and scalable applications. We will cover everything you need to become an effective Ming/MongoDB developer from basic PyMongo queries to high-level object-document mapping setups in Ming.
These are the slides for this presentation http://www.meetup.com/HardCoreJS/events/133346272/
The goal is to influence the thought process of developers and make them into rockstar engineers by showing how to form the habit of abstraction into one's coding.
Use Angular Schematics to Simplify Your Life - Develop Denver 2019Matt Raible
Angular Schematics give developers a way to manipulate projects with code. Not just Angular projects, but any project that has a package.json file! Learn how to use them in this talk.
Blog post: https://developer.okta.com/blog/2019/02/13/angular-schematics
GitHub repo: https://github.com/oktadeveloper/schematics
Front End Development for Back End Developers - vJUG24 2017Matt Raible
Are you a backend developer that’s being pushed into front-end development? Are you frustrated with all JavaScript frameworks and build tools you have to learn to be a good UI developer? If so, this session is for you! We’ll explore the tools for frontend development and frameworks too!
Streamed live at 8pm MST on Oct 25, 2017! https://virtualjug.com/vjug24/
JHipster is one of those open-source projects you stumble upon and immediately think, "Of course!" It combines three very successful frameworks in web development: Bootstrap, Angular, and Spring Boot. Bootstrap was one of the first dominant web-component frameworks. Its largest appeal was that it only required a bit of HTML and it worked! All the efforts we made in the Java community to develop web components were shown a better path by Bootstrap. It leveled the playing field in HTML/CSS development, much like Apple's Human Interface Guidelines did for iOS apps.
This talk shows you how to use JHipster to build a Spring Boot API, an Angular UI, and make it all look good with Bootstrap. You'll learn how to deploy the generated project to Heroku too!
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020Matt Raible
Spring Boot is an efficient way to build Java applications with the Spring Framework. If you’re developing apps that handle sensitive data, you should make sure they’re secure.
This session will cover HTTPS, dependency checking, CSRF, using a CSP to prevent XSS, OIDC, password hashing, and much more!
You’ll learn how to add these features to a real application, using the Java language you know and love.
* Blog post: https://developer.okta.com/blog/2018/07/30/10-ways-to-secure-spring-boot
* Cheat sheet: https://snyk.io/blog/spring-boot-security-best-practices/
* OIDC demo: http://bit.ly/spring-oidc-demo
A Gentle Introduction to Angular Schematics - Devoxx Belgium 2019Matt Raible
You might’ve heard of Angular Schematics, but do you know what they do? Learn how you can use this powerful tool to develop workflows and simplify configurations for your Angular projects.
In this session, you'll learn how to create a schematic, how to test it, and how you can use them with non-Angular projects.
* YouTube video: https://youtu.be/bLLJqagO_dg
* Blog post: https://developer.okta.com/blog/2019/02/13/angular-schematics
* GitHub repo: https://github.com/oktadeveloper/schematics
The WordPress REST API is a powerful tool that can enhance your web development projects. In this presentation, attendees will learn how to leverage WordPress's existing endpoints and create custom ones using PHP without needing plugins. Attendees will also learn how to use their endpoints to power their front-end React apps, web apps or even entirely separate websites. Finally, attendees will learn about security concerns and how to lock down the REST API. Time permitting, attendees can have a Q&A period to ask questions.
The WordPress REST API was introduced in 2016 in version 4.7. It has been part of the WordPress ecosystem for about seven years and is well-documented. With the introduction of React and Gutenberg blocks, the REST API can take on a new life to help developers create complex apps with relative ease. Where once it was primarily used for basic integrations, now developers are harnessing its full capabilities for ambitious projects. The WordPress REST API can power modern web applications and custom blocks, showing that it remains highly relevant for building on the web today. Even after years of existence, the REST API remains a cornerstone of the WordPress framework.
AngularJS with TypeScript and Windows Azure Mobile ServicesRainer Stropek
In the coming two weeks I will do a series of talks at various conferences in Austria and Germany. I will speak about AngularJS, TypeScript, and Windows Azure Mobile Services. In this blog post I publish the slides and the sample code.
Web APIs have revolutionized all kinds of products and services, and still continue to do so. Nowadays the most relevant architecture is REST along with the JSON media type. Furthermore, lots of specifications to serialize those media types are appearing. JSON API has released its first version last May.
Parse is a suite of cloud based APIs, services and libraries that focus on letting developers build out rich applications and less time dealing with the overhead of setting up and managing databases, push notifications, social sign on, analytics, and even hosting and servers.
In this series I'll overview the options around developing an application that leverages Parse, including using Cloud Code to deploy your Node.js app to Parse's own hosting service.
RSVP Node.js class at www.nycdatascience.com
NYC data science academy's free workshop, given at NYC Open Data Meetup, http://www.meetup.com/NYC-Open-Data/events/163300552/
A Gentle Introduction to Angular Schematics - Angular SF 2019Matt Raible
You might’ve heard of Angular Schematics, but do you know what they do? Learn how you can use this powerful tool to develop workflows and simplify configurations for your Angular projects.
Blog post: https://developer.okta.com/blog/2019/02/13/angular-schematics
Source code: https://github.com/oktadeveloper/okta-angular-schematics-example
Screencast: https://youtu.be/ANwZIt3Ni2s
Similar to Taller evento TestingUY 2017 - API Testing utilizando Chakram (20)
Webinar TestingUy - Cuando el testing no es opcionalTestingUy
Expositor: Maximiliano Mannise
-------------------------------------------
Resumen del webinar
-------------------------------------------
Si bien en los tiempos que corren muchas empresas, sino ¿todas? … tienen en su día a día incorporadas las actividades de testing de software, hay sectores que desde siempre lo han tenido en cuenta y forma parte de sus procesos. Este sector agrupa un gran número de sistemas (HW/SW) y son conocidos como SCS (Safety-Critical Systems), sistemas que si fallan ponen en riesgo la vida humana, el medio ambiente o infraestructuras. Están presentes en nuestro día a día: automoción, medicina, aeroespacial, energía, transporte terrestre y marítimo entre otros.
Como testers no siempre se nos da la oportunidad de abordar proyectos en estos sectores. En esta sesión les contaré mi experiencia personal en un proyecto de tren de alta velocidad (actividades de verificación y validación) y más recientemente en el sector médico: certificación de software sanitario para uso en Europa (marcado CE de producto sanitario). Veremos normativas vigentes, el enfoque tradicional de testing y cómo están irrumpiendo los métodos ágiles en el sector.
Si te interesa conocer el testing en este tipo de proyectos, lo que hemos hecho y los desafíos que nos esperan, ¡no te pierdas esta sesión!
-------------------------------------------
Acerca de Maximiliano Mannise
-------------------------------------------
Maximiliano Mannise es Ingeniero en Computación de la Universidad Católica de Uruguay. Comenzó su carrera profesional en IBM Uruguay (1998), pasando por diferentes cargos y proyectos. En 2005 como Test Project Manager donde comienza su relación más directa con la disciplina de test. Actualmente se desempeña como Director de Software Quality en el Instituto Tecnológico de Informática (ITI) Valencia, España. Maximiliano ha participado en múltiples proyectos de calidad de software desde el 2005, en Uruguay, Argentina y desde 2007 en España. Es organizador de VLC Testing (www.vlctesting.es), el principal evento de testing en Valencia.
Linkedin: https://www.linkedin.com/in/mmannise/
Twitter: https://twitter.com/mmannise
Webinar TestingUy - Usando Principios del Testing de Software en Tiempos de C...TestingUy
Expositora: Juliana Herbert.
-------------------------------------------
Resumen del webinar
-------------------------------------------
Ya está bien documentado en la literatura, y se ha experimentado en la práctica, que los testers tienen éxito en su trabajo cuando encuentran defectos en el software con sus casos de testing. De lo contrario, entienden que el testing puede haber sido solo una pérdida de tiempo ... Estas son características que pueden parecer un poco raras para los profesionales en otras áreas, pero son completamente comprensibles en el contexto del testing.
Es por eso que, en 1979, en el libro "The Art of Software Testing", Glenford Myers definió el testing como "el proceso de ejecutar un programa con la intención de encontrar defectos".
Lisa Crispin y Janet Gregory, en "Agile Testing" (2009), presentan principios adicionales considerando el testing ágil, como el feedback continuo, la entrega de valor al cliente, el coraje, la simplificación y el enfoque en las personas.
Actualmente, el tema más discutido, uno de los más investigados y uno de los más controvertidos es la COVID-19, una enfermedad infecciosa y contagiosa causada por el coronavirus SARS-CoV-2, identificada inicialmente en Wuhan, China, en diciembre de 2019 y caracterizada como una pandemia por la Organización Mundial de Salud el 11 de marzo de 2020.
Con más de 7 millones de casos en todo el mundo y 400,000 muertes (situación al 8 de junio), sin vacuna o remedios específicos para su cura, la COVID-19 ha sido combatida en todo el mundo a través de campañas de salud básica y difusión de información.
Difundir información hoy es relativamente fácil. Pero saber identificar, comprender y analizar la confiabilidad y veracidad de esta información está lejos de ser simple. Principalmente para el público en general, muchas veces incluido digitalmente, pero sin el conocimiento necesario para una verdadera inclusión. La situación es agravada por la difusión de información falsa, con parcialidad e incompleta.
En este seminario web, hablaremos sobre cómo se pueden usar los principios y valores de las pruebas de software para desarrollar criterios que pueden ayudar en la interpretación y el análisis de la información sobre COVID-19. También hablaremos sobre formas de difundir estos criterios para el desarrollo de estas habilidades de "tester de software" al público en general, con el objetivo de contribuir a una comprensión más general de la situación y a una inclusión digital amplia y basada en el conocimiento.
Webinar TestingUy - Sesgos cognitivos en las pruebas. El lado más humano de...TestingUy
Expositor: Francisco Moreno
-------------------------------------------
Resumen del webinar
-------------------------------------------
Dentro de cualquier proyecto o equipo trabajo el mayor aporte valor de un tester se da cuando participa en la definición de las historias de usuario, define pruebas de aceptación previas al desarrollo, aporta ejemplos de casos de uso, realiza pruebas exploratorias, empatiza con los usuarios y propone ideas que mejoran el producto final. Todo ello requiere un proceso de aprendizaje, asimilación, comprensión y evaluación de posibilidades que finalmente se traducirá en unas pruebas a realizar sobre el sistema.
Todas las etapas enumeradas anteriormente suponen un proceso mental complejo donde intervienen tanto capacidades análiticas, memorísticas como emocionales. Es por esto, que, como seres humanos, no podemos suponer que dichas capacidades no se ven afectadas por nuestra propia percepción del mundo, experiencias pasadas, entorno, educación recibida, edad, sexo, color de piel, etc.
Es decir, como contraposición al scripting testing más puro y al checking automático es precisamente el factor humano el que aporta más valor a las pruebas, pero a su vez, los sesgos que todas las personas “arrastramos” y que forman una parte de nosotros puede que las pruebas se vean afectadas negativamente.
Existen documentados multitud de sesgos cognitivos, en la charla veremos cómo pueden afectar algunos de ellos a las pruebas y cómo mitigar sus efectos.
-------------------------------------------
Acerca de Francisco
-------------------------------------------
Francisco Moreno es Ingeniero Informático y PMP con más de 8 años de experiencia en múltiples disciplinas relativas a la ingeniería del software, especialmente automatización de pruebas, QA, diseño y arquitectura de sistemas, ingeniería de requisitos, integración, desarrollo y gestión de
proyectos.
https://www.linkedin.com/in/franciscomorenosanz/
https://twitter.com/morvader
Webinar TestingUy - Thinking outside the box: Cognitive bias and testingTestingUy
Speaker: Lisa Crispin
-------------------------------------------
Abstract
-------------------------------------------
Finding bugs requires detective work. You look for evidence, you interrogate witnesses - and some of those might not be telling the truth! You need lateral thinking to find your perpetrator.
As testers, we often hear that the capability to think outside the box is an essential skill to have. In fact, this skill is great to have even if you’re not a tester. Thinking outside the box permits you to generate new and innovative ideas, to find bugs that nobody could think about, it can also help you find completely new ways to solve problems.
We all have unconscious biases that can limit our observational skills and creativity. In this session, we’ll discuss lateral vs. vertical thinking, and explain how our brain’s “wiring” can make thinking outside the box be difficult.
Lisa will talk about several common cognitive biases that can work against us and get in the way of effective testing. She may challenge you to try some games that promote lateral thinking, as best we can in a virtual conference! You’ll get some guidance on how to keep building up your lateral thinking “muscles”.
-------------------------------------------
About Lisa
-------------------------------------------
Quality Owner focused on Observability at OutSystems. Co-founder, with Janet Gregory, of the agile Testing Fellowship, with our three day "Agile Testing for the Whole Team" course available around the world - and soon, to be available virtually!
Hands-on tester on high-performing agile teams since 2000. Co-author with Janet Gregory, Agile Testing Condensed, Agile Testing: A Practical Guide for Testers and Agile Teams, More Agile Testing: Learning Journeys for the Whole Team, "Agile Testing Essentials" video course. Contributor to Beautiful Testing and Experiences in Test Automation. Co-author of Testing Extreme Programming Mission: Bringing testing joy to the agile and DevOps worlds, and agile/DevOps joy to the testing world.
Specialties: Agile testing, finding good ways for teams to deliver high quality software
https://www.linkedin.com/in/lisa-crispin-88420a/
https://twitter.com/lisacrispin
Meetup TestingUy 2019 - Plataforma de integración y testing continuoTestingUy
Oradores: Javier Castro y Mónica Wodzislawski
Resumen: Muchas organizaciones comienzan a aplicar metodologías ágiles para la construcción de productos de software. Sin embargo, en nuestra experiencia en el Centro de Ensayos de Software (CES), a través de múltiples proyectos y consultorías de testing de software, observamos que las empresas enfrentan dificultades importantes para articular las actividades de desarrollo, testing y puesta en producción, con la eficiencia y calidad requerida.
Se presentará una plataforma de integración continua que incluye el testing automatizado en los diferentes niveles de la pirámide de Cohn. Esta plataforma sirve como prototipo para presentar en la industria de TI, mostrar sus beneficios y contribuir a resolver los obstáculos que enfrentan las empresas y organizaciones.
Meetup TestingUy 2019 - May the automation be with youTestingUy
Oradora: Melina Nogueira
Resumen: Experiencia de Arbusta en esta transición de identificar skills para reconvertir testers manuales en automatizadores y generar equipos híbridos.
Meetup TestingUy 2019 - De árboles, de bosques y de selvas ¿qué visión tengo ...TestingUy
Oradores: Giuliana Bentancor y Matías Pírez
Resumen: Ya sean pruebas modulares, de integración o de sistema, toda funcionalidad bajo prueba es parte de un sistema más complejo que a su vez está embebido en una organización que se rige por reglas, pautas y normas todavía más generales. Muchas veces las pruebas se sesgan en la funcionalidad estudiada sin terminar de comprender el negocio del que son parte, pero incluso cuando se intenta encarar las pruebas desde la perspectiva del negocio cabe la pregunta: ¿realmente conozco el negocio? ¿qué implica conocerlo? ¿cómo puedo hacer para obtener esta información?
Meetup TestingUy 2019 - En clave de protocolo con apache JMeterTestingUy
Orador: Gustavo Mažeikis
Resumen: Cuando nos enfrentamos a la tarea de probar una aplicación en Internet es importante conocer cuál es su arquitectura y cómo son las relaciones entre sus componentes. Los mensajes que envían las partes, las acciones que se producen como respuesta y las reglas que gobiernan esos intercambios, son piezas clave para alcanzar ese entendimiento. Porque, al igual que en muchas actividades humanas, el comportamiento de las aplicaciones está regido por protocolos. En esta presentación compartiremos cómo el conocimiento de alguno de estos protocolos y de Apache JMeter nos ayudó en la resolución de un problema práctico en la organización del evento TestingUy.
Meetup TestingUy 2019 - Si Tony Stark fuera TesterTestingUy
Orador: Claudio Posada
Resumen: Comienzas un proyecto y ya tienes elegido el equipo, la metodología, la arquitectura de pruebas, las herramientas. Todo resulta fantástico hasta que constatas que van a pasar semanas hasta que se encuentre disponible la infraestructura necesaria.
¿Porque esto nunca le pasa a Tony Stark? ¿Que tal si pudieras disponer de toda la infraestructura de testing en minutos? ¿Crear y destruir ambientes a demanda? ¿Disponer de Stressors con un límite teórico infinito?
Te invito a vivir la experiencia de ser parte de Industrias Stark por 30 minutos. Descubriremos junto, como Platform as a Service (de la mano de Openshift) cambia nuestra forma de trabajar y nos lleva al siguiente nivel. Luego quedará en ti decidir si volver atrás o impulsar el cambio.
Meetup TestingUy 2019 - ¿Test cases? ¿Son siempre necesarios?TestingUy
Expositor: Edgardo Crovetto
Resumen: ¿Cuántas veces pasa que hay que hacer tests cases por el hecho de hacerlos y además hechos para ayer porque no hay tiempo?¿Qué podemos hacer para mantener el máximo cubrimiento de prueba y mínima documentación?
El objetivo es realmente enfocarnos en hacer entrega de un producto de calidad, sin la obligación de crear documentación innecesaria por el hecho de hacerlo. Al mismo tiempo, poder mostrar cubrimiento de pruebas apropiado y hacer los informes necesarios para poder estar confiados que se está entregando con calidad.
En esta charla trataremos de dar un enfoque para poder elegir una buena estrategía en base a algún caso práctico.
Charla TestingUy 2019 - ¿Podemos hacer que la seguridad sea usable?TestingUy
Expositores: Josmell Chavarri y M. Victoria Perez
Resumen: Para confiar en un sistema, lo mínimo que esperamos, es que nuestros datos personales sean utilizados de forma segura. Pero también esperamos que este sistema sea agradable, y fácil de usar.
¿Ahora, qué pasa cuando estas medidas de seguridad, tan necesarias para garantizar la confianza, complican la vida del usuario? ¿Será que la seguridad se pone en contra de la usabilidad? o ¿es que la usabilidad simplifica en exceso las cosas, pasando por alto las recomendaciones de seguridad?
Uno de los factores más importantes a la hora de analizar la seguridad de una aplicación, es el impacto que puede tener un comportamiento de usuario no esperado. Por otro lado el desarrollo de experiencia de usuario trabaja con el comportamiento de los usuarios para crear experiencias y mejorar la usabilidad de los sistemas.
¿Por qué entonces no consideramos en el diseño de experiencia de usuario a la seguridad, en lugar de sumarla previo a salida a producción?
Te invitamos a revisar con nosotros, estos dos conceptos que a primera vista parecen tan opuestos y que no solo cuentan con un origen común sino también con un fin muy alineado.
Charla TestingUy 2019 - Testers as Test Consultants: How to learn the skills?TestingUy
Expositor: Lisa Crispin
Resumen: When defining what “modern testing” means to him, Alan Page has said that testers on cross-functional teams should also be testing coaches. Lisa and her co-author Janet Gregory like to think of testers playing a “test consultant” role. Wait, yet another set of skills we have to learn to be successful testers? Not to worry. The skills that make us valuable testers let us help others on our team improve their testing skills. Testers are great at asking questions, providing quick feedback, identifying and solving problems. Lisa will explore ways to grow and apply the skills we already use to help non-testers learn to prevent bugs and build quality in. And she’ll talk about new skills we may need to learn to succeed as test consultants, and how to learn them.
Learning intentions:
- Why testers need to be test consultants, rather than do all the testing themselves
- Skills a tester needs to help others on their cross-functional team learn how to do testing activities themselves
- Ways we can learn and practice these skills
Expositor: Melissa Eaden
Resumen: Based on my blog post, “Ready Tester One? Go!” I take a look at my own career development and the need to understand a probable career development path for testers in software development. By using and identifying with gaming techniques such as “leveling”, testers are encouraged to find where they think they are in their career growth and then find out how they should continue along the “tester” path and what that might look like as you gain levels. Includes a nifty character sheet people can use to chart their own learning path!
Charla TestingUy 2019 - Patterns Para Enseñar Testing a Personas que No Desar...TestingUy
Expositor: Juliana Herbert
Resumen: Los profesionales que confían en el software para la ejecución de actividades cada vez más críticas y complejas también deben saber probarlo. Aunque estos profesionales no sean testers, enseñarles técnicas de testing aumenta su poder de análisis y de crítica, pues así es posible una investigación técnica cualificada. Esta investigación puede realizarse en profundidad si el profesional sabe utilizar su conocimiento de dominio de forma dirigida, buscando la realización de pruebas eficientes (que revelen defectos).
Esta charla presenta cuatro patterns para enseñar pruebas de software a no desarrolladores. Estos patterns se derivaron a partir de la experiencia de la proponente como instructora y profesora en cursos de testing en varios niveles de formación, para profesionales sin experiencia en desarrollo de software. Los patterns consideran el enfoque basado en el contexto, utilizando la estrategia basada en el riesgo, testing exploratorio y de caja negra. Para definir los patterns, fueron consideradas “patterns pedagógicos”, que captan el conocimiento de la práctica de la enseñanza y el aprendizaje y “testing patterns”. Los patterns que serán presentados en esta charla pueden ayudar a los profesores e instructores a enseñar el testing de software de manera significativa, cambiando el comportamiento y no solo aprendiendo conceptos.
Charla TestingUy 2019 - Contract Testing con PactTestingUy
Expositores: Juan De Souza y Pablo Ravera
Resumen: En el contexto de arquitecturas de microservicios se hace fundamental asegurar que la comunicación entre consumidores y proveedores se preserve durante el tiempo. Para este cometido los tests de integración ocupan un lugar central, pero los mecanismos tradicionales para llevarlos a cabo resultan poco robustos y costosos de mantener.
Para resolver estos problemas aparece el concepto de contract testing generando “pactos” entre los servicios, utilizando la herramienta Pact para asegurar la correcta comunicación.
En esta charla hablaremos de la experiencia con Pact dentro de nuestro proceso de integración continua.
Charla TestingUy 2019 - Testing de chatbotsTestingUy
Expositores: Paula Martínez y Rodrigo Beceiro
Resumen: En esta charla compartiremos nuestra experiencia en el testing de Chatbots. Veremos cómo funciona un chatbot y cuál es el estado del arte en esta tecnología. Hablaremos del procesamiento del lenguaje natural realizado por ellos buscando comprender qué debemos testear.
Analizaremos tanto la comprensión del chatbot como el manejo de sus flujos de diálogo y las dificultades que las conversaciones naturales no estructuradas representan para nosotros en el diseño, desarrollo así como en el testing.
Hablaremos también de herramientas de testing automático para chatbots y discutiremos qué limitantes presentan para nosotros herramientas como IBM Watson, Microsoft LUIS y Google Dialogflow.
Charla TestingUy 2019 - Cypress.io - Automatización al siguiente nivelTestingUy
Expositor: Didier Corrales
Resumen: En un ambiente de desarrollo ágil, las pruebas son fundamentales, entonces ¿qué tal si llevamos la automatización al siguiente nivel?.
Hay que olvidarse de los estándares más comunes y abrir la mente a aprender cómo mejorar la automatización por medio del uso de herramientas de siguiente generación.
Cypress.io permite a todo el equipo lograr las metas que se han trazado en automatización combinando desarrolladores y testers en un solo esfuerzo para crear productos con los más altos estándares de calidad.
Charla testingUy 2019 - ¿De dónde venimos y qué se nos viene? - Evolución de ...TestingUy
Expositores: Matías González, Paula Reyes y William Llanes
Resumen: El desarrollo de sistemas de información ha evolucionado a lo largo de tiempo y las tareas de QA como parte de este proceso no han sido la excepción. Tomando como base nuestra experiencia a lo largo de más de 10 años brindando servicios de consultoría en este tipo de proyectos haremos una breve recorrida de cómo ha sido esta evolución desde diferentes perspectivas que involucran al QA. Veremos cómo estos procesos se han ido transformando desde diversos aspectos en busca de mejorar la productividad y minimizar los riesgos propios de cada proyecto. Por último comentaremos cuáles son las nuevas tendencias en la solicitud de servicios de QA en Uruguay así como los principales desafíos que afronta el área y cómo los mismos impactarán en los servicios tal como los conocemos hoy en día.
Charla TestingUy 2019 - Pruebas de rendimiento, experiencias en la plataforma...TestingUy
Expositor: Anisbert Suárez Batista
Resumen: Las pruebas de rendimiento tienen un papel crucial para garantizar la calidad del servicio que ofrece PedidosYa, plataforma de comercio electrónico que conecta a los consumidores con restaurantes, farmacias, supermercados, etc., mediante la solicitud de pedidos online. Durante esta charla se presenta cómo contribuyen las pruebas de rendimiento al proceso de desarrollo, qué aplicaciones prácticas han tenido, qué herramientas se utilizan para la planificación, ejecución y reporte de las pruebas y qué lecciones aprendidas y buenas prácticas han permitido la mejora continua del proceso de prueba.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
2. What we are going to use ...
o Chakram
o http://dareid.github.io/chakram/
o Mocha
o https://mochajs.org/
o Chai
o http://chaijs.com/
o Mochawesome
o https://github.com/adamgruber/mochawesome
3. What is Chakram?
o Chakram is a REST API testing framework offering a BDD testing style and fully
exploiting promises
o This framework allows us to:
o Make HTTP Assertions
o Exploit Promises
o Use BDD + Hooks
o Extensibility
o Community support
4. What do we need?
o Project for MeetUp
o https://github.com/woolter/RestAPITesting
o ~/Documents $ git clone https://github.com/woolter/RestAPITesting.git
o ~/Documents $ cd RestAPITesting
o ~/Documents/RestAPITesting $ git checkout exercise
o Spring boot rest api example
o http://websystique.com/spring-boot/spring-boot-rest-api-example/
5. Step 1 - Getting Started
With the next few commands we can set up or project from scratch.
~/projectFolder $ npm install -g mocha
~/projectFolder $ npm init
~/projectFolder $ npm install --save-dev chakram
~/projectFolder $ npm install --save-dev mochawesome
~/projectFolder $ mkdir data
~/projectFolder $ mkdir test
To start our Spring boot rest api example
~/RestAPITesting/SpringBootRestApiExample $ mvn spring-boot:run
6. Step 2 - Get
o Create endpoint.json on data folder
o Create ddt.json on data folder
o Create 1_Get.js on test folder with this:
o Create variables for validation
https://jsonschema.net/#/editor
o Create function for all users and user by id
{
"user":"SpringBootRestApi/api/user/",
"userById":"SpringBootRestApi/api/user/{id}"
}
{
"environment":
{
"protocol":"http://",
"hostname":"localhost",
"port":":8080/"
}
}
let chakram = require('chakram');
let expect = chakram.expect;
endPoint = require('../data/endPoint.json');
ddt = require('../data/ddt.json');
"http://user:password@site
-----------------------------------------------------------
"login":"/j_spring_security_check?j_usernam
e={userName}&j_password={password}",
return chakram.get(request, {jar: cookie})
7. Step 2 - Get (continue)
o Basic test: get all users
o New test: get user by id
o Execute test
~/projectFolder/test $ mocha 1_Get.js
describe("Get", function () {
it("All User", function () {
return chakram.get(allUser())
.then(function (response) {
expect(response).to.have.schema(schemaGetAll);
expect(response.response.statusCode).to.equal(200);
})
});
});
it("User by ID", function () {
let userID = userById(1);
return chakram.get(userID)
.then(function (response) {
expect(response).to.have.schema(schemaGetById);
})
});
8. Step 3 - Post
o Create 2_Post.js on test folder with this:
o Add schema to create user
o Add variable for validation
o Add function for
o Create user
o Get user by Id
o Create test case to create user with existing user name
let chakram = require('chakram');
let expect = chakram.expect;
endPoint = require('../data/endPoint.json');
ddt = require('../data/ddt.json');
let bodyCreateUser = {
name: "",
age: "",
salary: ""
};
o Add data to ddt.json
"userData":{
"name":"yourName",
"age":35,
"salary":123456
}
it("Create a User with an existing name", function () {
bodyCreateUser.name = ddt.userData.name;
bodyCreateUser.age = ddt.userData.age;
bodyCreateUser.salary = ddt.userData.salary;
return chakram.post(createUser(), bodyCreateUser)
.then(function (response) {
expect(response.response.statusCode).to.equal(409);
expect(response.response.body.errorMessage).to.equal("Unable to
create. A User with name "+ddt.userData.name+" already" +
" exist.");
})
});
o Execute test
~/projectFolder/test $ mocha 2_Post.js
9. Step 4 - Put
o Create 3_Put.js on test folder with this:
o Add schema for update user
o Add function for
o Get user by Id
o Create test case to update age
let chakram = require('chakram');
let expect = chakram.expect;
endPoint = require('../data/endPoint.json');
ddt = require('../data/ddt.json');
let bodyCreteUser = {
name: "",
age: "",
salary: ""
};
it("Update Age", function () {
bodyCreateUser.name = userIdInformation.name;
bodyCreateUser.age = ddt.userData.ageUpdate;
bodyCreateUser.salary = userIdInformation.salary;
return chakram.put(userById(userIdToSearch),bodyCreateUser)
.then(function (response) {
expect(response.body.id).to.equal(userIdToSearch);
expect(response.body.name).to.equal(userIdInformation.name);
expect(response.body.age).to.equal(ddt.userData.ageUpdate);
expect(response.body.salary).to.equal(userIdInformation.salary);
})
});
o Execute test
~/projectFolder/test $ mocha 3_Put.js
10. Step 5 - Delete
o Create 4_Delete.js on test folder with:
o Required deferences
o Function to:
o Delete all user
o Delete user by Id
o Test case:
o Delete by Id
o Delete all
let chakram = require('chakram');
let expect = chakram.expect;
endPoint = require('../data/endPoint.json');
ddt = require('../data/ddt.json');ringBootRestApi/api/user/{id}"
function deleteAllUser() {
let users = ddt.environment.protocol + ddt.environment.hostname +
ddt.environment.port + endPoint.user;
return users;
}
function deleteUserById(id) {
let usersID = ddt.environment.protocol + ddt.environment.hostname +
ddt.environment.port + endPoint.userById;
usersID = usersID.replace("{id}", id);
return usersID;
}
describe("Delete", function () {
it("Delete by Id", function () {
let userID = deleteUserById(ddt.userData.deleteId);
return chakram.delete(userID)
.then(function (response) {
expect(response.response.statusCode).to.equal(204);
return chakram.get(userID)
.then(function (response) {
expect(response.response.body.errorMessage).to.equal("User
with id " + ddt.userData.deleteId + " not found");
})
})
});
});
it("All User", function () {
return chakram.delete(deleteAllUser())
.then(function (response) {
expect(response.response.statusCode).to.equal(204);
return chakram.get(deleteAllUser())
.then(function (response) {
expect(response.response.statusCode).to.equal(204);
console.log(response);
})
})
});
o Execute test
~/projectFolder/test $ mocha 4_Delete.js
11. Step 6 - Execute all test case
o Execute test
~/projectFolder $ mocha --recursive testCaseFolder/ --reporter mochawesome